Facebook Fake Friends Phishing Attacks – BEWARE

Facebook is a danger spot from a cyber security perspective. Be careful when accepting friend requests, even from people you think you know.

October 25th, 2016

Next time you’re about to accept a friend request on Facebook from someone you think you know, STOP.

Even if they appear to be genuine and have 16 mutual friends with you, all might not be as it seems.

It’s very easy for a cyber-criminal to view your friends list, and choose somebody to impersonate. They then create a fake profile, copy that person’s pictures, and go about adding your other friends.

When they have enough mutual friends with you in order to appear genuine, they’ll attempt to add you. Unaware of the danger, you accept.

This complete stranger is now able to view very personal information and pictures, and they can even start a conversation with you over facebook to delve for more personal information, ask for money, try to meet up with you in person and gather information that can wreak havoc in your personal life.

There have been cases where ‘cloned accounts’ such as these, controlled by scammers, send messages to friends, asking for money or saying they have won the lottery and require an “advance fee” before transferring some of their new riches to their ‘friends and family’.

What you can do

Edit your privacy settings and change everything to the highest security so that people who are not your friends cannot see any information about you – no pictures, no personal information, and no friends list.

Many people don’t hide their friends list to strangers. Doing so would make these attacks much less effective.

Change your privacy settings to show the least information possible to non-friends, including the list of who you’re friends with.

Be careful who you accept as friends.

Ask yourself “am I already friends with this person?”

Use friend lists with your settings to ensure that only people you really know can see your more personal content.

1.8 billion daily users = 1.8 billion tempting targets

This is not the only way Facebook has been used by cyber criminals.

Due to the high number of users, it’s a very attractive place for cyber-criminals to try to snare some targets.

One attack resulted in users receiving a message from a Facebook friend saying they’d mentioned them in a comment. Clicking the message downloaded a trojan onto the user’s PC that installed a malicious browser extension (as well as containing other things) which would take over the user’s Facebook account when they next logged in. This spread the virus to other friends, and allowed hackers access to any information contained in the user’s Facebook account.

Be highly sceptical of giveaways and prizes!

Facebook is a popular place to run a competition or prize draw, but be extremely wary! Treat these with extreme caution. If you've never heard of the page before and it's not a well known, trusted brand or organisation (think Microsoft or BBC), then it's usually safer not to bother entering.

These pages are often run by scammers who are trying to gain lots of likes, so they can push click-baity articles into your newsfeed that will take you to malicious websites when you click through. This can easily end up with malware being installed on your PC.

This malware can lead to further problems, that range from annoying - like pop-up ads - to serious, like your emails being monitored, sensitive informaiton being stolen, or your PC being added to a botnet and controlled remotely.

Stay safe on Facebook! If you have any more tips, comment down below.

Begin your seamless IT journey

Speak to one of our experts today and see how we can help your business grow through fully managed IT support.